[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is three hops enough? (was Re: Tor client over a SOCKS proxy, and Tor client running through another Tor Circuit)



On Sat, Apr 29, 2006 at 04:20:22AM +1000, glymr wrote:
 [...]
> i did some thinking and i figured out that with any number of hops,
> one can compromise the data in the stream if one has alternating nodes
> because each node can work out whether it is sending to the same node
> as another is receiving, and knowing this information would enable
> cryptanalysis, or at least would make timing analysis simple. it
> certainly would increase the ability to determine a set of connections
> to various sites and collate them together as an anonymous but
> profiled user.

Please, please, read the FAQ that Roger cited.  You don't need
alternating hops to do a correlation attack; you just need first and
last.

> i think that the best way to increase robustness against timing
> attacks is to create random delays or jumble up the order of streams
> in a way that adds noise to the timing data gathered.

Congratulations; you just invented high-latency mix-nets. :)

The problem is that nobody can prove that these "jumbling" techniques
do any good in resisting an attacker until you increase the delay to
the point where messages take a very long time to arrive.  When this
happens, you wind up with a very low number of users, so you don't get
much anonymity anyway.

You can find out more about the last 25 years of anonymity research at
http://freehaven.net/anonbib/ .

yrs,
-- 
Nick Mathewson

Attachment: pgpXdAZYuXRmu.pgp
Description: PGP signature